Not including all 108k unicode characters lowers the possible number of combinations around 423 times. I would say that is quite a trade-off..

Click to expand...

Theoretically yes. However using those Unicode characters posses it's own set of issues. For example using a Unicode character wrong would essentially break the entire system. Either by preventing access or ignoring those characters and in effect making your password weaker.

Considering a 22 character ASCII password has the same (approximately) permutations as a 128 bit symmetric key and a ~30 character ASCII password has the same as a 256 bit symmetric key, I don't understand the need for this. If you are so paranoid I suggest using a 64 character ASCII password with maximum entropy and at least one character from each of the 95 character sets. Such a password has more possible permutations than a 256 bit symmetric key.